Back in the day, before cryptocurrency was worth anything, an email address and a password was all you needed to login to an exchange. Then came 2FA, using email verification or Google Authenticator. Then came the third generation of secure sign-in methods, and that’s when things started getting weird.
From Fit the Puzzle to Make the Gesture
As attackers have gotten more sophisticated, so have the measures cryptocurrency exchanges have taken to keep them at bay. These are designed to fulfill a range of objectives, including spam and bot deterrence, as well as to perform increased due diligence for legal reasons.
Binance with its “Fit the puzzle piece carefully” which has spawned numerous memes, and kept its customer support busy attending to users who can’t fit the puzzle. Kucoin, meanwhile, began asking odd questions of its customers a few weeks ago, and then repeating those questions every time they went to login, much to their annoyance.
Bittrex will force you to log in twice after clicking a link in your email, stating that it doesn’t recognize your IP – even when you’re signing in from your usual location on your usual device. The quirks of logging into major exchanges have been assimilated into cryptocurrency culture, and while users may grumble, they accept that these measures are in place for their own benefit. Gate.io’s latest verification trick, though, has gotten traders talking:
Prove You’re Human
Completing KYC for Gate.io in a public place is no longer viable, but perhaps that’s part of the plan: to embarrass users into upping their opsec by logging in at home. As part of the verification process, users are required to recreate four out of a possible nine gestures before their webcam. From a security perspective, it’s certainly effective: bots have yet to master human gestures while pulling gang signs.
In no other industry would the public tolerate such bizarre security measures. Cryptocurrency is different though. Undergoing unorthodox procedures is the price that must be paid for trading on an exchange. Traders can complain, but if they want to withdraw their funds, they have no option other than to comply.